General

  • Target

    MobaXterm_Portable_v24.3.zip

  • Size

    40.0MB

  • Sample

    241109-mhk3zasgjn

  • MD5

    4ae49955c18f82001444f4f9dc402421

  • SHA1

    7e89742588d3bea4fe7eaf0100b03188153f7757

  • SHA256

    aaf22029516e6ff254e67bf492eebb34d84dd3587a686132d0c2d69a1a9abec0

  • SHA512

    0564b6080a3fa5cb18b7c99da570549fe0c16aadd92659b9a0a979f621547bd2feca59925a2f09109f9a64e6edf77943a4df0e959bfd174f7d76c6f6ab736e2f

  • SSDEEP

    786432:MLyKlSJfTxwclfbKYhMq7FRTggxvWe/1wkxP3gVVQClxsAzGr8ZTJE4qk0Rp:MJIJbxwc8Y+qp9XeY1wCg7QUtjCL

Score
7/10

Targets

    • Target

      MobaXterm_Portable_v24.3.zip

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
